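awk '/Failed password/ {if ($9=="invalid") print $13; else print $11}' /var/log/secure |
cut -b 8- |   # strips the first 7 bytes of each address, e.g. a "::ffff:" prefix; drop this stage if the log shows bare IPv4 addresses
sort | uniq -c | sort -nr |
awk '{if ($1>10) print $2}' |
xargs -I {} iptables -A INPUT -s {} -j DROP
(one pipeline; the line breaks after each | are only for layout)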
Read the security logs, find IPs with more than 10 failed login attempts, and drop all future traffic from the punkasses!
Man I love iptables. I spent such a long time avoiding learning them because I had a perception that they were complex. They're bloody easy!
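A sturdier take on the same idea, as an added example rather than the post's own code: it reads the address from the fixed tail of the sshd line ("from <ip> port <n> ssh2") instead of a field number counted from the front, skips allowlisted addresses, and by default only prints the iptables commands. THRESHOLD, ALLOWLIST, DRY_RUN, the function names and the sample log lines are assumptions made up for illustration, and it inserts rules with -I where the one-liner appends with -A.

```shell
#!/bin/sh
# Added example, not the post's code. THRESHOLD, ALLOWLIST, DRY_RUN and all
# function names are assumptions; the log lines are constructed.
THRESHOLD=${THRESHOLD:-10}

sample_log() {   # constructed sshd lines using documentation address ranges
    i=0
    while [ "$i" -lt 12 ]; do
        echo "Jan  1 00:00:$i host sshd[100]: Failed password for invalid user a b from 203.0.113.5 port 40000 ssh2"
        echo "Jan  1 00:01:$i host sshd[101]: Failed password for root from ::ffff:192.0.2.9 port 40001 ssh2"
        [ "$i" -lt 3 ] && echo "Jan  1 00:02:$i host sshd[102]: Failed password for root from 198.51.100.7 port 40002 ssh2"
        i=$((i + 1))
    done
}

# Print IPv4 sources with more than THRESHOLD failed logins in log file $1.
# Fields are counted from the end of the line, so a client-chosen username
# that contains spaces ("a b" above) cannot shift the address position.
failed_ssh_sources() {
    awk -v max="$THRESHOLD" '
        /sshd\[[0-9]+\]: Failed password for / && $(NF-4) == "from" && $(NF-2) == "port" {
            ip = $(NF-3)
            sub(/^::ffff:/, "", ip)            # IPv4-mapped form, if present
            if (ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) count[ip]++
        }
        END { for (ip in count) if (count[ip] > max) print ip }
    ' "$1" | sort
}

# Read addresses on stdin and add one DROP rule each.
# ALLOWLIST (space-separated) protects your own admin addresses.
# -C tests for an existing rule so repeated runs do not stack duplicates;
# -I puts the rule first in INPUT so an earlier ACCEPT cannot shadow it.
block_sources() {
    while IFS= read -r ip; do
        case " ${ALLOWLIST:-} " in *" $ip "*) continue ;; esac
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "iptables -I INPUT -s $ip -j DROP"
        elif ! iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
            iptables -I INPUT -s "$ip" -j DROP
        fi
    done
}

# Demo: dry run over the constructed log (prints the commands it would run).
log=$(mktemp) && sample_log > "$log" && failed_ssh_sources "$log" | block_sources
rm -f "$log"
```

Set DRY_RUN=0 and run as root to apply the rules; point failed_ssh_sources at /var/log/secure instead of the sample file.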